1
|
<?php
|
2
|
/*
|
3
|
* ### CKFinder : Configuration File - Basic Instructions
|
4
|
*
|
5
|
* In a generic usage case, the following tasks must be done to configure
|
6
|
* CKFinder:
|
7
|
* 1. Check the $baseUrl and $baseDir variables;
|
8
|
* 2. If available, paste your license key in the "LicenseKey" setting;
|
9
|
* 3. Create the CheckAuthentication() function that enables CKFinder for authenticated users;
|
10
|
*
|
11
|
* Other settings may be left with their default values, or used to control
|
12
|
* advanced features of CKFinder.
|
13
|
*/
|
14
|
|
15
|
/**
|
16
|
* This function must check the user session to be sure that he/she is
|
17
|
* authorized to upload and access files in the File Browser.
|
18
|
*
|
19
|
* @return boolean
|
20
|
*/
|
21
|
function CheckAuthentication()
|
22
|
{
|
23
|
// WARNING : DO NOT simply return "true". By doing so, you are allowing
|
24
|
// "anyone" to upload and list the files in your server. You must implement
|
25
|
// some kind of session validation here. Even something very simple as...
|
26
|
|
27
|
// return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized'];
|
28
|
|
29
|
// ... where $_SESSION['IsAuthorized'] is set to "true" as soon as the
|
30
|
// user logs in your system. To be able to use session variables don't
|
31
|
// forget to add session_start() at the top of this file.
|
32
|
|
33
|
// return false;
|
34
|
//Joshua //2012.10.12
|
35
|
return true;
|
36
|
}
|
37
|
|
38
|
// LicenseKey : Paste your license key here. If left blank, CKFinder will be
|
39
|
// fully functional, in demo mode.
|
40
|
$config['LicenseName'] = '';
|
41
|
$config['LicenseKey'] = '';
|
42
|
|
43
|
/*
|
44
|
Uncomment lines below to enable PHP error reporting and displaying PHP errors.
|
45
|
Do not do this on a production server. Might be helpful when debugging why CKFinder does not work as expected.
|
46
|
*/
|
47
|
//error_reporting(E_ALL);
|
48
|
//ini_set('display_errors', 1);
|
49
|
|
50
|
/*
|
51
|
To make it easy to configure CKFinder, the $baseUrl and $baseDir can be used.
|
52
|
Those are helper variables used later in this config file.
|
53
|
*/
|
54
|
|
55
|
/*
|
56
|
$baseUrl : the base path used to build the final URL for the resources handled
|
57
|
in CKFinder. If empty, the default value (/userfiles/) is used.
|
58
|
|
59
|
Examples:
|
60
|
$baseUrl = 'http://example.com/ckfinder/files/';
|
61
|
$baseUrl = '/userfiles/';
|
62
|
|
63
|
ATTENTION: The trailing slash is required.
|
64
|
*/
|
65
|
//$baseUrl = '/ckfinder/userfiles/';
|
66
|
//Joshua //2012.10.12
|
67
|
$baseUrl = '/ckfinder/userfiles/';
|
68
|
/*
|
69
|
$baseDir : the path to the local directory (in the server) which points to the
|
70
|
above $baseUrl URL. This is the path used by CKFinder to handle the files in
|
71
|
the server. Full write permissions must be granted to this directory.
|
72
|
|
73
|
Examples:
|
74
|
// You may point it to a directory directly:
|
75
|
$baseDir = '/home/login/public_html/ckfinder/files/';
|
76
|
$baseDir = 'C:/SiteDir/CKFinder/userfiles/';
|
77
|
|
78
|
// Or you may let CKFinder discover the path, based on $baseUrl.
|
79
|
// WARNING: resolveUrl() *will not work* if $baseUrl does not start with a slash ("/"),
|
80
|
// for example if $baseDir is set to http://example.com/ckfinder/files/
|
81
|
$baseDir = resolveUrl($baseUrl);
|
82
|
|
83
|
ATTENTION: The trailing slash is required.
|
84
|
*/
|
85
|
$baseDir = resolveUrl($baseUrl);
|
86
|
|
87
|
/*
|
88
|
* ### Advanced Settings
|
89
|
*/
|
90
|
|
91
|
/*
|
92
|
Thumbnails : thumbnails settings. All thumbnails will end up in the same
|
93
|
directory, no matter the resource type.
|
94
|
*/
|
95
|
$config['Thumbnails'] = Array(
|
96
|
'url' => $baseUrl . '_thumbs',
|
97
|
'directory' => $baseDir . '_thumbs',
|
98
|
'enabled' => true,
|
99
|
'directAccess' => false,
|
100
|
'maxWidth' => 100,
|
101
|
'maxHeight' => 100,
|
102
|
'bmpSupported' => false,
|
103
|
'quality' => 80);
|
104
|
|
105
|
/*
|
106
|
Set the maximum size of uploaded images. If an uploaded image is larger, it
|
107
|
gets scaled down proportionally. Set to 0 to disable this feature.
|
108
|
*/
|
109
|
$config['Images'] = Array(
|
110
|
'maxWidth' => 1600,
|
111
|
'maxHeight' => 1200,
|
112
|
'quality' => 80);
|
113
|
|
114
|
/*
|
115
|
RoleSessionVar : the session variable name that CKFinder must use to retrieve
|
116
|
the "role" of the current user. The "role", can be used in the "AccessControl"
|
117
|
settings (bellow in this page).
|
118
|
|
119
|
To be able to use this feature, you must initialize the session data by
|
120
|
uncommenting the following "session_start()" call.
|
121
|
*/
|
122
|
$config['RoleSessionVar'] = 'CKFinder_UserRole';
|
123
|
//session_start();
|
124
|
|
125
|
/*
|
126
|
AccessControl : used to restrict access or features to specific folders.
|
127
|
|
128
|
Many "AccessControl" entries can be added. All attributes are optional.
|
129
|
Subfolders inherit their default settings from their parents' definitions.
|
130
|
|
131
|
- The "role" attribute accepts the special '*' value, which means
|
132
|
"everybody".
|
133
|
- The "resourceType" attribute accepts the special value '*', which
|
134
|
means "all resource types".
|
135
|
*/
|
136
|
|
137
|
$config['AccessControl'][] = Array(
|
138
|
'role' => '*',
|
139
|
'resourceType' => '*',
|
140
|
'folder' => '/',
|
141
|
|
142
|
'folderView' => true,
|
143
|
'folderCreate' => true,
|
144
|
'folderRename' => true,
|
145
|
'folderDelete' => false,//true, //Joshua //2012.10.12
|
146
|
|
147
|
'fileView' => true,
|
148
|
'fileUpload' => true,
|
149
|
'fileRename' => false,//true, //Joshua //2012.10.12
|
150
|
'fileDelete' => false); //true); //Joshua //2012.10.12
|
151
|
|
152
|
/*
|
153
|
For example, if you want to restrict the upload, rename or delete of files in
|
154
|
the "Logos" folder of the resource type "Images", you may uncomment the
|
155
|
following definition, leaving the above one:
|
156
|
|
157
|
$config['AccessControl'][] = Array(
|
158
|
'role' => '*',
|
159
|
'resourceType' => 'Images',
|
160
|
'folder' => '/Logos',
|
161
|
|
162
|
'folderView' => true,
|
163
|
'folderCreate' => true,
|
164
|
'folderRename' => true,
|
165
|
'folderDelete' => true,
|
166
|
|
167
|
'fileView' => true,
|
168
|
'fileUpload' => false,
|
169
|
'fileRename' => false,
|
170
|
'fileDelete' => false);
|
171
|
*/
|
172
|
|
173
|
/*
|
174
|
ResourceType : defines the "resource types" handled in CKFinder. A resource
|
175
|
type is nothing more than a way to group files under different paths, each one
|
176
|
having different configuration settings.
|
177
|
|
178
|
Each resource type name must be unique.
|
179
|
|
180
|
When loading CKFinder, the "type" querystring parameter can be used to display
|
181
|
a specific type only. If "type" is omitted in the URL, the
|
182
|
"DefaultResourceTypes" settings is used (may contain the resource type names
|
183
|
separated by a comma). If left empty, all types are loaded.
|
184
|
|
185
|
maxSize is defined in bytes, but shorthand notation may be also used.
|
186
|
Available options are: G, M, K (case insensitive).
|
187
|
1M equals 1048576 bytes (one Megabyte), 1K equals 1024 bytes (one Kilobyte), 1G equals one Gigabyte.
|
188
|
Example: 'maxSize' => "8M",
|
189
|
*/
|
190
|
$config['DefaultResourceTypes'] = '';
|
191
|
|
192
|
$config['ResourceType'][] = Array(
|
193
|
'name' => 'Files', // Single quotes not allowed
|
194
|
'url' => $baseUrl . 'files',
|
195
|
'directory' => $baseDir . 'files',
|
196
|
'maxSize' => 0,
|
197
|
'allowedExtensions' => '7z,aiff,asf,avi,bmp,csv,doc,docx,fla,flv,gif,gz,gzip,jpeg,jpg,mid,mov,mp3,mp4,mpc,mpeg,mpg,ods,odt,pdf,png,ppt,pptx,pxd,qt,ram,rar,rm,rmi,rmvb,rtf,sdc,sitd,swf,sxc,sxw,tar,tgz,tif,tiff,txt,vsd,wav,wma,wmv,xls,xlsx,zip',
|
198
|
'deniedExtensions' => '');
|
199
|
|
200
|
$config['ResourceType'][] = Array(
|
201
|
'name' => 'Images',
|
202
|
'url' => $baseUrl . 'images',
|
203
|
'directory' => $baseDir . 'images',
|
204
|
'maxSize' => 0,
|
205
|
'allowedExtensions' => 'bmp,gif,jpeg,jpg,png',
|
206
|
'deniedExtensions' => '');
|
207
|
|
208
|
$config['ResourceType'][] = Array(
|
209
|
'name' => 'Flash',
|
210
|
'url' => $baseUrl . 'flash',
|
211
|
'directory' => $baseDir . 'flash',
|
212
|
'maxSize' => 0,
|
213
|
'allowedExtensions' => 'swf,flv',
|
214
|
'deniedExtensions' => '');
|
215
|
|
216
|
/*
|
217
|
Due to security issues with Apache modules, it is recommended to leave the
|
218
|
following setting enabled.
|
219
|
|
220
|
How does it work? Suppose the following:
|
221
|
|
222
|
- If "php" is on the denied extensions list, a file named foo.php cannot be
|
223
|
uploaded.
|
224
|
- If "rar" (or any other) extension is allowed, one can upload a file named
|
225
|
foo.rar.
|
226
|
- The file foo.php.rar has "rar" extension so, in theory, it can be also
|
227
|
uploaded.
|
228
|
|
229
|
In some conditions Apache can treat the foo.php.rar file just like any PHP
|
230
|
script and execute it.
|
231
|
|
232
|
If CheckDoubleExtension is enabled, each part of the file name after a dot is
|
233
|
checked, not only the last part. In this way, uploading foo.php.rar would be
|
234
|
denied, because "php" is on the denied extensions list.
|
235
|
*/
|
236
|
$config['CheckDoubleExtension'] = true;
|
237
|
|
238
|
/*
|
239
|
Increases the security on an IIS web server.
|
240
|
If enabled, CKFinder will disallow creating folders and uploading files whose names contain characters
|
241
|
that are not safe under an IIS web server.
|
242
|
*/
|
243
|
$config['DisallowUnsafeCharacters'] = false;
|
244
|
|
245
|
/*
|
246
|
If you have iconv enabled (visit http://php.net/iconv for more information),
|
247
|
you can use this directive to specify the encoding of file names in your
|
248
|
system. Acceptable values can be found at:
|
249
|
http://www.gnu.org/software/libiconv/
|
250
|
|
251
|
Examples:
|
252
|
$config['FilesystemEncoding'] = 'CP1250';
|
253
|
$config['FilesystemEncoding'] = 'ISO-8859-2';
|
254
|
*/
|
255
|
$config['FilesystemEncoding'] = 'UTF-8';
|
256
|
//Joshua //2012.10.12 //for Korean filenames.
|
257
|
//$config['FilesystemEncoding'] = 'CP949';
|
258
|
|
259
|
/*
|
260
|
Perform additional checks for image files
|
261
|
if set to true, validate image size
|
262
|
*/
|
263
|
$config['SecureImageUploads'] = true;
|
264
|
|
265
|
/*
|
266
|
Indicates that the file size (maxSize) for images must be checked only
|
267
|
after scaling them. Otherwise, it is checked right after uploading.
|
268
|
*/
|
269
|
$config['CheckSizeAfterScaling'] = true;
|
270
|
|
271
|
/*
|
272
|
For security, HTML is allowed in the first Kb of data for files having the
|
273
|
following extensions only.
|
274
|
*/
|
275
|
$config['HtmlExtensions'] = array('html', 'htm', 'xml', 'js');
|
276
|
|
277
|
/*
|
278
|
Folders to not display in CKFinder, no matter their location.
|
279
|
No paths are accepted, only the folder name.
|
280
|
The * and ? wildcards are accepted.
|
281
|
*/
|
282
|
$config['HideFolders'] = Array(".svn", "CVS");
|
283
|
|
284
|
/*
|
285
|
Files to not display in CKFinder, no matter their location.
|
286
|
No paths are accepted, only the file name, including extension.
|
287
|
The * and ? wildcards are accepted.
|
288
|
*/
|
289
|
$config['HideFiles'] = Array(".*");
|
290
|
|
291
|
/*
|
292
|
After file is uploaded, sometimes it is required to change its permissions
|
293
|
so that it was possible to access it at the later time.
|
294
|
If possible, it is recommended to set more restrictive permissions, like 0755.
|
295
|
Set to 0 to disable this feature.
|
296
|
Note: not needed on Windows-based servers.
|
297
|
*/
|
298
|
$config['ChmodFiles'] = 0777 ;
|
299
|
|
300
|
/*
|
301
|
See comments above.
|
302
|
Used when creating folders that does not exist.
|
303
|
*/
|
304
|
$config['ChmodFolders'] = 0755 ;
|
305
|
|
306
|
/*
|
307
|
Force ASCII names for files and folders.
|
308
|
If enabled, characters with diactric marks, like ?, ?, ?, ?, ?, đ, ?
|
309
|
will be automatically converted to ASCII letters.
|
310
|
*/
|
311
|
$config['ForceAscii'] = false;
|
312
|
|
313
|
|
314
|
include_once "plugins/imageresize/plugin.php";
|
315
|
include_once "plugins/fileeditor/plugin.php";
|
316
|
|
317
|
$config['plugin_imageresize']['smallThumb'] = '90x90';
|
318
|
$config['plugin_imageresize']['mediumThumb'] = '120x120';
|
319
|
$config['plugin_imageresize']['largeThumb'] = '180x180';
|